Beware of Fake Bitcoin Tool That Hides DarkComet RAT Malware

Source: Cyber Security News

The rise of cryptocurrency has provided new avenues for cybercriminals, particularly through the exploitation of unsuspecting users. A recent malware campaign involves disguising the DarkComet remote access trojan (RAT) as a Bitcoin-related application, thereby specifically targeting cryptocurrency enthusiasts. This malware is particularly dangerous due to its extensive capabilities, including keystroke logging, file theft, and remote desktop control, which can directly lead to financial losses for its victims.

Despite being discontinued by its creator years ago, DarkComet continues to circulate, aided by modern social engineering tactics. The malicious tool identified in this campaign was distributed in a compressed RAR archive, masquerading as “94k BTC wallet.exe.” Once executed, the malware attempts to establish persistence on the infected system by copying itself and creating specific registry keys, so that it runs again whenever the system restarts. It also tries to connect to a command-and-control server, confirming ongoing malicious activity. Analysts emphasize the importance of avoiding untrusted sources when downloading cryptocurrency tools and maintaining security software to combat these threats.
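The behaviour chain described above (self-copy, autostart registry value, outbound connection) can be hunted by correlating endpoint telemetry. The following is an added example, not code from the article or the analysts it cites. It assumes a simplified Sysmon-style event schema and the standard Run/RunOnce keys (the article does not name the keys), and every path, value name and address in the sample data is constructed.

```python
import re

# Assumption: the standard Run/RunOnce autostart keys are the ones checked;
# the article does not name the keys this sample writes.
RUN_KEY = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)

# Constructed events, simplified Sysmon-style schema (1=process create,
# 11=file create, 13=registry value set, 3=network connect). The dropped
# file name, value name and address (TEST-NET-3) are placeholders.
EVENTS = [
    {"id": 1, "image": r"C:\Users\a\Downloads\94k BTC wallet.exe"},
    {"id": 11, "image": r"C:\Users\a\Downloads\94k BTC wallet.exe",
     "target": r"C:\Users\a\AppData\Roaming\copy_placeholder.exe"},
    {"id": 13, "image": r"C:\Users\a\Downloads\94k BTC wallet.exe",
     "target": r"HKU\S-1-5-21-0\Software\Microsoft\Windows\CurrentVersion\Run\placeholder",
     "details": r"C:\Users\a\AppData\Roaming\copy_placeholder.exe"},
    {"id": 3, "image": r"C:\Users\a\AppData\Roaming\copy_placeholder.exe",
     "dest": "203.0.113.10:4444"},
    # Benign noise: an installer registering a file it did not drop itself.
    {"id": 13, "image": r"C:\Program Files\Vendor\setup.exe",
     "target": r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Vendor",
     "details": r"C:\Program Files\Vendor\agent.exe"},
]

def find_persistence_chains(events):
    """Flag processes that drop an .exe and then register it in a Run key."""
    dropped = {}   # dropped exe path (lowercased) -> image that wrote it
    chains = []
    for ev in events:
        if ev["id"] == 11 and ev["target"].lower().endswith(".exe"):
            dropped[ev["target"].lower()] = ev["image"]
        elif ev["id"] == 13 and RUN_KEY.search(ev["target"]):
            path = ev["details"].strip('"').lower()
            # Only flag when the registering process is also the dropper.
            if dropped.get(path) == ev["image"]:
                chains.append({"dropper": ev["image"], "copy": ev["details"],
                               "run_key": ev["target"], "network": []})
        elif ev["id"] == 3:
            # Attach connections made by the dropper or its registered copy.
            for c in chains:
                if ev["image"].lower() in (c["dropper"].lower(), c["copy"].lower()):
                    c["network"].append(ev["dest"])
    return chains

if __name__ == "__main__":
    for chain in find_persistence_chains(EVENTS):
        print(chain)
```

Requiring the same process to both write the executable and register it keeps ordinary installers, like the last sample event, out of the results.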

👉 Read the original: Cyber Security News